Announcement

Collapse
No announcement yet.

New Kernel Vulnerability Allows Local Root For Unprivileged Processes

Collapse
X
Collapse
 
  • Page of 5
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 5 template Next
  • #21
    Originally posted by karolherbst View Post

    no, Rust can't prevent you from implementing false logic. Rust is no golden hammer.
    Nothing can protect you from false logic, but this is a use after free which I wrote in my first post and which is something Rust DO protect you about.
    What I did ask was if this code could have been written without unsafe blocks or not, with it beeing inside of a kernel...

    If you read a question and have no idea about the thing it is about you might want to think twice about answering it.

    Comment

    • #22
      Originally posted by vadix View Post

      As much as I like rust, I don't think there is any chance of the Linux kernel being written in anything except for C. If you are interested in a Unix-compatible Rust kernel, see Redox.
      No, me neither. Just wondering about the technical part . Redox is an interesting experiment but sadly I don't think it ever will have the resources it would need to be a serious alternative for Linux.

      Comment

      • #23
        Originally posted by Pajn View Post
        As this is a use after free issue, is this something that could have been prevented simply by using Rust instead?
        Safe Rust would catch it, but in a kernel code like this might have to be wrapped in unsafe blocks anyway?
        Who's going to rewrite zillions of code to Rust? Automated translators aren't still good enough. In order to have a good translator, you ought to have a extremely strong AI and make it learn computer programming like a pro. But how to implement it and what language should you use to implement it? Recursive issue!

        Originally posted by Pajn View Post

        No, me neither. Just [s]wonder[/s]speculating about [s]the technical part[/s] possibilities instead making them possible, just like everyone in Internet Forums . Redox is an interesting experiment but sadly I don't think [s]it ever will have the resources[/s]daydreaming nerds would have the courage and stubborness it would need to make it be a serious alternative for Linux.
        Fixed (not really, because this forum stuff doesn't support [s] bbcode)
        Last edited by timofonic; 07 December 2016, 09:52 AM.

        Comment

        • #24
          Originally posted by Pajn View Post
          Nothing can protect you from false logic, but this is a use after free which I wrote in my first post and which is something Rust DO protect you about.
          What I did ask was if this code could have been written without unsafe blocks or not, with it beeing inside of a kernel...

          If you read a question and have no idea about the thing it is about you might want to think twice about answering it.
          did you even read the patch?

          Comment

          • #25
            Thanks for the notification Michael. Applied the patch to my 4.8.12 tree, rebuilding now.

            Comment

            • #26
              Originally posted by Razican View Post

              Actually you don't need too much unsafe code in a kernel in Rust. Look at redox-os, for example. I'm almost sure it would have prevented it, since you don't actually free things in Rust, so, if it's used, it wasn't freed.
              That is nice, thanks!

              Originally posted by karolherbst View Post

              did you even read the patch?
              Yes, why?

              Comment

              • #27
                So Debian is safe by default because after they were the first add the patch to allow anonymous namespaces, they have still kept it default off after everyone else enabled it? Bloody hell, I think that helped them in this case. I still hope they enable it by default anyway soon. We need it for sandboxing

                Comment

                • #28
                  Originally posted by garegin View Post
                  Honestly. If you are idiot you should be using Windows.
                  fixed
                  • Likes 1

                  Comment

                  • #29
                    Originally posted by Pajn View Post
                    As this is a use after free issue, is this something that could have been prevented simply by using Rust instead?
                    Safe Rust would catch it, but in a kernel code like this might have to be wrapped in unsafe blocks anyway?
                    no, but it could have been prevented simply by using c++

                    Comment

                    • #30
                      Originally posted by Pajn View Post
                      What I did ask was if this code could have been written without unsafe blocks or not, with it beeing inside of a kernel...
                      no real code could have been written without unsafe blocks
                      • Likes 1

                      Comment

                      Previous 1 2 3 4 5 template Next
                      Working...
                      X